Security specialist McAfee announced a comprehensive database security
solution that protects business-critical databases, based on the Security
Connected initiative launched in October 2010. It involves protecting a
company’s data assets from network to server to the database itself. This
approach is designed to protect data in every state (data in motion, data at
rest and data in use) via access controls, network security, server security,
data protection and encryption—all centrally managed.
The McAfee solution includes Vulnerability Manager for Databases, which
automatically discovers all databases on the network, collects an inventory of
configuration detail, determines if the latest patches have been applied and
scans for vulnerabilities. On top of network firewall and intrusion prevention,
McAfee provides the third layer of defense on the data itself, whether at rest
or in use through data loss prevention (DLP),
which helps ensure data integrity and utilizes policy to prevent improper transmission
of critical data.
The company’s database security solution is managed by ePolicy Orchestrator
and includes McAfee Database Activity Monitoring (DAM), which not only tracks
database changes, but also protects a business’s most valuable and sensitive
data from external threats and malicious insiders with real-time alerts and
session termination.
“Users are increasingly anxious about the security of their data, and are
looking for database security solutions that provide uniform coordination with
policy management,” said Carl Olofson, research vice president of database
management and data integration software research at IT research firm IDC.
“Having the ability to protect data at rest, in motion and in use through
access control, encryption and auditing is a key area of importance. The
ability to track vulnerability issues is a key differentiator which businesses
are looking for when choosing database security solutions.”
In a recent market outlook survey by Evalueserve, databases were cited as
the most challenging part of the IT infrastructure to protect, which explains
why for many customers the level of database protection does not match the
criticality of the data. Research shows that more than 92 percent of records
breached involved a database, with more than 87 percent based on exploits
requiring significant technical skills.
“Data is the lifeblood of every organization. Any loss, interruption or
breach could mean disaster,” said Stuart McClure, senior vice president and
general manager of risk and compliance for McAfee. “McAfee is committed to
providing our customers with best-in-class database security solutions. We
designed a comprehensive security solution to protect even the most dynamic of
database environments. Our commitment is made more evident by today’s
announcement of our pending acquisition of Sentrigo, a leading provider of
database security, monitoring and intrusion prevention solutions.”